Risky Business #614 -- So was it Florida Man or an Iranian APT?

World's crappiest ICS threat actor rumbled by Sheriff Bob and team...
10 Feb 2021 » Risky Business

On this week’s show Patrick Gray and Adam Boileau discuss the week’s security news, including:

  • The latest on the attempted Florida water poisoning incident
  • How to abuse Google Sync services for great victory
  • Why Signal’s TLS proxies for Iranians are probably a bad idea
  • OG username brokers targeted by social media legal army
  • Much, much more

This week’s sponsor interview is with Dan Guido of Trail of Bits. They’ve released an enterprise version of their iVerify tool. It’s a security tool for iOS (an Android version is in beta) that lets organisations monitor things like patch levels and passcode compliance without actually requiring the installation of MDM profiles. It’s an enterprise mobile security tool for orgs that don’t need or want full MDM.

Links to everything that we discussed are below and you can follow Patrick or Adam on Twitter if that’s your thing.

Show notes

Hackers try to contaminate Florida town's water supply through computer breach | Reuters
Water, Water Everywhere – But Nary a Hacker to Blame – Stranded on Pylos
'Cyberpunk 2077' Maker Was Hit With Ransomware—and Won't Pay Up | WIRED
FBI leaned on Dutch cops' hacking in Emotet disruption
Researchers find financial ties between notorious ransomware gangs
Blockchain transactions confirm murky and interconnected ransomware scene | ZDNet
Two Iranian hacking groups appear to be actively snooping on critics around the globe
Signal issues workaround for Iran's ban of messaging app
Can The FBI Hack Into Private Signal Messages On A Locked iPhone? Evidence Indicates Yes
Here's the Cease and Desist Facebook Sent to 'OG' Account Thieves
A Coordinated Takedown Targets 'OGUser' Account Thieves | WIRED
Facebook, Instagram, TikTok and Twitter Target Resellers of Hacked Accounts — Krebs on Security
Security firm Stormshield discloses data breach, theft of source code | ZDNet
Lawsuit filed against California firm over Washington state auditor data breach | The Seattle Times
Rudy Giuliani, Sidney Powell named in $US2.7 billion libel suit by Smartmatic voting company
Chrome users have faced 3 security concerns over the past 24 hours | Ars Technica
InfoSec Handlers Diary Blog
CacheFlow: Malware hidden in popular browser extensions went undetected for years | The Daily Swig
Google: Proper patching would have prevented 25% of all zero-days found in 2020 | ZDNet
Project Zero: Déjà vu-lnerability
SonicWall issues patch for firmware zero-day used to attack the company and its customers
‘Severe’ SolarWinds Vulnerabilities Allow Hackers To Take Over Servers
Skype ‘spoofing vulnerabilities’ are a haven for social engineering attacks, security researcher claims | The Daily Swig
Android devices ensnared in DDoS botnet | ZDNet
A Spyware Vendor Seemingly Made a Fake WhatsApp to Hack Targets
Clearview AI ruled ‘illegal’ by Canadian privacy authorities | TechCrunch
Arrest, Raids Tied to ‘U-Admin’ Phishing Kit — Krebs on Security
Serbian man extradited to US over cryptocurrency mining fraud scheme
Hack against older Nespresso vending machines facilitates endless free beverage exploit | The Daily Swig
There Are Spying Eyes Everywhere—and Now They Share a Brain | WIRED
Patrick Gray on Twitter: "I'm wondering if anyone can tell me if MDM is still a necessary enterprise software category? iPhone/Android data at rest is fairly secure (assuming passcode is set) and widespread commodity device ownage isn't really an issue. Is MDM still actually useful?" / Twitter
iVerify for Organizations | iPhone and Android Security for Your Team